►
From YouTube: CDF - SIG Interoperability Meeting 2021-02-04
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
B
B
B
B
So
we
can
slowly
start
with
the
agenda
and
then
action
items.
B
If
you
want
to
join
and
then
I
want
to
give,
I
want
to
present
the
topic
policy
driven
ci
cd,
because
this
is
something
that
may
need
some
discussions
within
our
group
within
cdf
and
perhaps
with
other
communities,
because
there
is
not
enough
material
available
about
this
topic
from
community
perspective.
So
I
want
to
bring
this
topic
to
the
attention
of
all
of
you
and
see.
If
we
can
do
something
there
and
then
we
can
talk
about
standardized
metadata,
I've
seen
steve,
you
made
some
updates
on
the
hackmd.com.
Thank
you
for
that.
B
You
can
talk
about
that
and
then
finally,
we
have
ortelius
presentation
demo
as
the
last
topic
and
I
hope
steve
you
can
present
that
today.
B
Okay,
so
let's
start
with
action
items.
The
first
action
item
is
on
me
to
reach
out
to
I
mean
to
bring
an
example,
my
face
from
ebay
for
metadata
topic,
so
I
contacted
ramin
and
he
knows
he
has
an
action
item
on
him,
but
he
seems
to
be
busy
at
work
and
we
decide
that
we
close
the
action
item
and
when
ramin
is
ready
with
the
material
he
wants
to
share.
He
will
come
and
present
that
to
the
sikh.
B
So
we
close
that
he
is
well
aware
of
that
action
item
and
the
next
action
item
is
on
tracy
and
steve,
so
stevie
will
present
or
tell
you
so
I
close
this
action
item.
B
Third
action
item
is
on
events
in
cicd
work
stream
sake
to
providing
mood.
I've
seen
your
minutes
and
you
have
this
in
your
backlog
anyway.
So
I
guess
we
can
close
this
action
item
and
then
you
can
just
join
whenever
you
have
something
and
present
your
thoughts
from.
D
Yeah,
if
I
should
just
elaborate
on
what
we
have
there,
we
had
a
short
discussion
on
it.
This
monday
and
we
we
came
with
the
conclusion
that
we
we
don't
really
have
anything
in
the
in
the
area
that
this
asks
for
right
now.
I
guess
it's
asked
for
artifacts
and
commits
that's
the
first
thing
to
look
into
and
we
haven't
really
defined
anything
there
yet
in
our
group.
So
there's
nothing
really
to
to
provide
from
our
group.
B
B
Okay,
thanks
tracy
miranda
to
bring
the
white
paper
to
the
attention
of
cdf
creative
team.
I
think
we
can
close
this
because
she
already
presented
those
the
initial
pages
or
slides
last
during
class
meeting,
and
then
she
sent
an
email
today
about
this.
So
it's
well
in
progress
still
to
start
to
work
on
comment
metadata
and
I've.
Seen
steve,
you
put
some
information
on
the
candy
document
which
we
can
talk
about
when
the
topic
comes.
So
I
close
this.
B
It's
okay,
yeah
good
thanks,
dave
to
start
to
work
on
artwork
metadata
dave
here
I
don't
see
dave,
so
we
can
keep
that
open,
steve
and
tracy
to
bring
ortelius
example
in
new
repo.
Should
I
keep
it
open,
steve.
B
No,
it
was
I
if
I
remember
correctly
when
we
discussed
this
topic,
I
think
during
december,
like
almost
like
a
year
ago,
yeah,
I
know
you
mentioned
that
you
have
some
some
thing
within
or
tell
us,
which
is
relates
to
the
metadata
discussion.
We
are
having.
Oh.
C
One
now
that
we
have
the
the
repo
available
I'll
insert
some
of
the
some
images
of
what
we're
capturing
from
our
side.
B
Okay,
let
me
keep
it
open
and
then
we
can
revisit
this
in
two
weeks
or
later,
thanks
steve.
So
the
next
action
item
is
on
tracy
to
get
the
group
in
touch
with
tina
graves
sportman.
So
we
keep
this
open
and
see
what
tracy
says
next
time
when
she
joins
to
the
meeting
and
kara
and
fat
to
populate
references
in
white
paper.
This
is
in
progress
and
I
ask
few
questions
to
tracy
and
cara.
B
B
B
So
here
10
past
10,
the
sig
interpretability
talk
will
happen
and
then
quarter
past
11,
andrea
will
present
events
in
ci
cd
and,
as
I
mentioned
all
times,
our
central
european
time.
So
please
join
and
ask
questions.
If
you
have,
if
you
don't
get
answers
here,
we
may
answer
them
during
foster.
Who
knows
that
was
the
reminder
and
the
next
topic
on
the
agenda,
so
this
policy
driven
ci
cd,
I'm
sure
you
all
know
better
than
me
this
topic.
B
So
I
want
to
present
few
things
around
this
topic
and
bring
up
some
questions,
because
I
am
a
bit
how
to
say
I
couldn't
find
enough
references
on
this
topic,
at
least
from
the
communities,
and
some
of
you
may
already
be
doing
this
within
the
communities
you
are
contributing
to
or
within
the
companies
you
are
working
for.
So
this
is
just
a
presentation
to
start
the
discussion.
B
It's
possible
okay,
good,
so
I
have
this
sample
pipeline
because
I
always
like
to
see
things
visually
rather
than
lots
of
texts.
So
this
is
a
perhaps
kind
of
typical
sample
pipeline
with
lots
of
details
ignored.
So
we
have
few
teams
here:
team,
a
b
c.
They
do
their
development
and
they
send
their
code
to
sem
code
review
system
which
could
be
github
or
get
it
or
whatever
for
review
and
as
part
of
the
review
or
premarch
activities.
B
B
So
when
it
comes
to
what
organization
does
within
their
pipelines
generally
like
most
of
the
organization,
have
certain
types
or
certain
approaches
to
policy?
And
if
you
think
about
highly
regulated
industries
such
as
telecom
or
finance,
you
may
be
doing
more
than
just
security,
type
of
policy
and
foreign
enforcement
and
for
those
purposes
we
are
probably
using
different
police
frameworks
like
one
of
the
open
source
policy
frameworks
or
engines
are
often
policy
agent.
B
And
if
you
think,
in
that
perspective,
we
may
be
checking
the
comments
or
the
pull
request
to
see.
If
the
image
that
will
be
built
is
using
some
dependencies
that
are
not
in
line
with
the
policy.
For
example,
like
the
organization
may
require
version
xyz
of
dependency
and
the
commit
introduces
a
different
version
or
newer
version
of
the
dependency
which
is
not
vetted
yet
and
which
may
have
vulnerabilities.
B
So
this
could
be
a
policy
to
block
that
commit
to
continue
further
within
the
pipeline.
So
this
is
one
example
and
another
example
could
be
after
the
merge
of
that
commit
a
resulting
container
which
might
be
running
staging
and
there
might
be
privileges
like
root
privileges
used
within
the
container,
and
that
may
not
be
a
load
for
that
organization.
So
the
policy
framework
can
enforce
that.
That
image
should
not
be
should
not
proceed
within
the
next
stages
within
the
pipeline.
B
And
if
we
go
a
bit
further,
which
comes
to
like
a
bit
more
regulation,
type
of
stuff
assume
everything
went
fine
in
the
previous
stages
in
the
pipeline,
and
we
are
now
ready
to
roll
that
new
version
of
the
microservice
out
on
america's
or
eu
and
one
example
of
one
example.
Policy
could
be
that
we
don't
want
new
versions
of
microservices
to
be
rolled
out
during
friday
afternoon,
for
example,
because
we
want
to
have
a
nice
weekend
and
we
don't
want
to
deal
with
problems.
We
may
fail
catching
in
earlier
phase
of
our
pipeline.
B
So
that
is
one
example.
Another
example
could
be
regulations
like
you
know.
We
have
gdpr
in
european
union
and
we
may
have
a
feature
which
may
not
be,
which
may
not
be
adhering
to
gdpr
rules,
and
we
don't
want
that
version
to
be
rolled
out
to
eu,
but
it
may
be
fine
to
roll
that
version
of
microservice
to
america's
region.
In
that
case,
we
can
block
rolling
out
that
new
version
of
the
microservice,
the
eu,
but
we
can
proceed
rolling
that
out
to
america's.
B
I
guess
this
is
you
all
know
how
the
policy
works
so
now,
if
there
are
any
comments,
questions
here
about
any
of
these
things,
or
if
this
makes
sense,
you
can
just
talk
about
them
now
before
I
talk
about
the
problems.
C
What
you
said,
there's
some
existing
policy
frameworks
out
there.
Do
you
have
an
example
of
one
yeah.
B
Open
policy
agent
is
a
cncf
hosted
project
which
actually
got
graduated
a
few
days
ago,
so
that
project
seems
to
be
the
one
that
is
used
by
various
organizations
such
as
armory
has
a
policy
engine
implementation
uses
open
policy
agent
and
if
you
look
at
open
pace
agent
website,
they
also
talk
about
policy
driven
ci
as
part
of
their
community
documentation.
So
open
policy
agent
seemed
to
be
one
of
the
open
source
policy
frameworks.
Engines
and
another
example
to
policy
framework
is
coming
from
telecom
industry.
B
B
B
Okay,
so
now
I
did
some
googling
around
this
and
I,
as
I
mentioned
at
the
very
beginning,
the
like
at
least
the
icd
communities.
Don't
talk
about
policy
much?
B
So
if
I
want
to
use
policy
or
if
I
want
to
adopt
policy
driven
ci
cd
and
if
I
have
multiple
cic
technologies
within
our
organization's
pipelines,
then
I
have
a
problem
here,
because
then
I
have
two
different
cic
technologies
here
that
comes
with
its
own
issues.
Challenges
such
as
interoperability,
which
we
are
talking
about
for
over
a
year
and
the
other
issue
is
the
problems
introduced
by
the
use
of
different
policy
frameworks.
B
So
that
is
one
of
the
issues
I
faced
when
I
was
looking
after
this
topic,
and
the
other
challenge
I
noticed
is
that
in
some
cases
some
organizations
may
be
using
entirely
different
policy
frameworks
such
as
the
one
I
mentioned,
like
voice
framework
from
one
up
project
from
news
foundation.
Networking
that
is
not
used
neither
of
these
technology
cic
technologies.
Both
of
these
technologies
use
different
pulse
frameworks,
which
results
in
me
having
three
different
police
frameworks,
and
none
of
them
can
talk
to
each
other
because
they're
all
different.
B
They
use
different
policy
as
code
approaches,
for
example,
open
policy
agent
uses
rego
as
the
language
to
do
policy
escort
things
and
jenkins
pipelines.
Policy
pipelines
seem
to
be
using
its
own
language,
dsl
to
define
policies
and
the
external
policy
framework
is
using
yet
another
language.
B
I
think
it
is
rules,
so
that
is
language
is
one
problem
and
then
how
to
get
these
different
systems
talk
to
each
other
is
different
problem
and
how
to
ensure
I
can
control
and
confirm
configure
these
policies
in
a
simpler
way
is
a
different
problem,
and
there
is
another
problem
here
which
is
not
policy
related
directly
or
police
framework
related.
But
if
we
assume
we
are
using
an
external
orchestrator
again
in
telecom
world,
the
orchestration
systems
are
pretty
important.
B
Like
ossps
systems,
for
example,
they
are
totally
external
to
all
these
cica
technologies
and
perhaps
the
policy
frameworks
and
in
some
cases
the
police
frameworks
we
have
here
may
need
to
contact
orchestrator
to
get
a
test
regarding
policy.
So
so
there
is
another
level
of
policy
enforcement
here
coming
from
another
external
system.
B
So
what
I've
been
trying
to
say
here
is
there
is
a.
There
is
a
challenge
here,
and
parts
of
the
problem
seems
to
be
about
interoperability
and,
yes,
we
are
supposed
to
work
with
cic
technologies
and
interoperability
across
those.
But
policy
seems
to
be
a
topic
that
is
surfacing
lately
and
that
may
seem
to
be
something
we
could.
Perhaps
start
discussions
around
so
before
I
continue
with
additional
challenges.
I
want
to
share
with
you
any
comments,
questions
until
the
things
I
summarized
until.
B
B
Or
have
you
experienced
similar
things
within
your
organizations
or
communities?
I
wonder.
E
I
did
something
similar
some
time
back,
really
trying
to
see
if
there
was
kind
of
some
standard
policies,
and
I
I
think
that
even
the
term
policy,
I
think
that
that
spinnaker
has
done
a
great
job
of
bringing
forward
this
like
concept
of
of
policies,
because,
for
example,
inside
of
our
what
we
call
our
deploy
hub
pro,
which
is
a
the
the
commercial
version
of
ortilius.
E
We
have.
We
have
restrictions
and
ways
to
restrict
like
rollouts
in
particular,
but
we
don't
call
them
policies.
I
don't
know
if
we
ever
thought
to
call
them
policies
and
I'm
wondering
if
there
are
other
tools
that
have
policies
but
have
never
called
them
policies.
Or
you
know
those
are
just
ways
that
you
can
set
up
a
particular
release.
If
you
want
to,
I
don't
know.
E
B
Because
that
is
one
of
the
points
I
want
to
highlight
like
because
when
I
was
searching,
I
searched
for
two
things:
policy
is
one
of
them,
and
rules
is
another
because
there
seems
to
be
like
mix
between
policy
versus
rule,
and
now
what
you
are
saying
is
kind
of
similar
to
this.
It
may
be
called
something
else
which
I
don't
know
what.
E
Don't
know
what
either,
but
I
think
that
we
call.
I
think
that
that
we
call
them
rules,
so
I
think
it's
a
really.
This
is
a
good
discussion
to
be
having,
because
I
think
many
of
many
of
these
devops
tools
have
these
kinds
of
you
have
to
you
actually
have
to.
Otherwise
you
wouldn't
be
able
to
build
a
kind
of
a
solution,
but
I
don't
know
if
we
ever
called
them.
I
think
bringing
up
the
discussion
of
policies
is
important
and
now
that
you
point
it
out.
E
No,
I
don't
think
it
is.
I
mean-
maybe
maybe
I'm
just
having
this
experience
myself
for
some
reason,
but
I
swear
not
long
ago.
You
know
I
was
looking
at
how
armory
was
setting
up
policies,
and
I
was
like
I
wonder
if
anybody
else
calls
them
policies
and
I
started
googling
and
I
couldn't
really
find
any
other
ci
cd
tools
that
were
talking
about
policies
in
that
way,
even
though
I
recognized
even
in
ortillius,
that
is
really
not
a
ci
cd
tool.
E
B
Okay,
but
then
this
could
be
one
of
the
things
you
know
we
can
continue.
You
know
at
least
collecting
information
about
to
see.
Okay,
oh
this
project
actually
does
this,
but
it
caused
something
else.
So
that
could
be
one
of
the
you
know.
Outcomes
of
this
discussion
and
the
other
could
be
like
the
actual
interoperability
issues.
B
I
did
that
actually
upcoming,
like
I
didn't,
collect
the
things,
but
I
collected
links
because,
as
you
also
mentioned
like-
and
I
have
a
disclaimer
here,
I
didn't
search
the
right
thing
or
it's
probably,
I
didn't
write
social.
I
think
I
included
links
and
mainly
vendors
called
this
policy.
B
I
found
lots
of
references
in
cloud-based,
documentation,
armory,
documentation,
google
f5
networks
and
some
others,
which
I
had
the
links
at
the
last
slide
and
those
could
be
you
know
collected
as
the
things
the
organizations
call
this
thing
policy,
and
then
we
can
add
more
to
that
list.
Saying.
Oh,
this
comment
is
named
this
this
way,
but
it
actually
is
the
same
thing.
E
B
B
Yeah
but
then
yeah
source,
two
please.
C
What
I
think
is
gonna
we're
gonna
see
is
that
not
one
tool
is
gonna,
be
able
to
take
the
policy
discussion
from
the
very
beginning,
all
the
way
to
the
end,
and
what
I
mean
by
that
like
on
your
example
around
the
ports
and
the
privileges,
there'll,
be
certain
tools
that
focus
on
looking
for
those
types
of
flaws
in
a
container
image
so
and
then
there'll
be
other
ones
that
are
looking
for,
like
on
your
block
list.
That
would
be
like
a
a
license.
C
You
know
somebody
brings
in
a
lesser
canoe
license
and
the
the
company
says
we're
not
using
the
the
lesser
or
or
the
basic
gnu
license.
So
you
know
something.
That's
looking
at
port
vulnerabilities
and
somebody's
looking
at
licenses
are
going
to
be
two
different
technologies,
and
I
don't
I
don't
think
we'll
find
anybody
all
the
way
across
the
that
solves
it
from
beginning
to
end.
C
E
E
B
E
E
And
that
and
there
could
be
specific
policies
based
on
you-
know:
healthcare
based
on
yeah
banking.
E
E
B
Yeah
but
then
I
I
suggest
I
join
best
practices
meeting
one
of
the
upcoming
ones
and
we
take
a
similar
discussion
there
with
the
that
groups
participants,
while
keeping
the
technical
like
interrupt
aspects
continue
here,
perhaps
and
the
actual
best
practice
aspects.
We
can
broaden
the
topic
to
multiple
groups
and
also
end
user
group.
E
C
C
E
You
know
father,
you,
would
you
consider
doing
a
presentation
of
this
sort
to
to
the
cdf
online
meetup.
B
E
Okay,
well,
you
just
tell
me
a
month
we
have
february's
taken.
I
I
reached
out
to
steven
toronto
to
see
if
he
wanted
to
do
the
jte
for
for
march,
but
maybe
april.
B
F
Yeah,
I
agree
to
do
it
with
some
noise
about
the
different
namings.
I
mean
on
objection
side,
as
you
may
know,
I
mean
we
have
very
low
level,
abstractions,
just
tasks
and
pipelines,
and
things
like
that
and
we
we
do
have
ways
to
to
apply
conditions
and
like
within
pipelines.
We
do
call
them
conditions
and
like
before
pipeline
even
starts.
We
have
ability
to
have
interceptors.
F
F
So
that's
something
like
you
would
do
like
having
a
task
or
a
custom
interceptor
that
calls
out
to
a
policy
engine,
but
it
might
be,
at
least
if
there
is
some
kind
of
standard
around
this.
It's
something
that
which
for
sure
would
be
interesting
to
do
in
that
low
level
like
that
to
to
integrate
with
a
standard
way
of
enforcing
policies.
Interesting.
B
So,
for
the
sake
of
time,
I
I
want
to
continue
to
the
rest
of
the
slice.
So
steve
has
enough
time
for
ortelius,
but
then
we
we
can
keep
this
topic
for
both
best
practice
and
this
group's
agendas
for
upcoming
meetings
and
continue
diving
to
details,
because
I
don't
know
there
would
be
this
much
interest.
B
But
thanks
for,
like
the
participation
in
the
conversation,
I
feel
better
now
so
the
other
thing
I
noticed
like
apart
from
the
common
terminology
which
we
have
been
dealing
since
the
very
beginning
of
this
group,
the
policy
types
discussed
by
the
communities
or
vendors
is
mainly
focused
around
security
vulnerability
aspects.
As
I
mentioned
here,
the
business
type
of
policies.
They
are
not
really
discussed.
Much
and
again,
I
may
be
searching
for
wrong
thing.
That
is
highly
possible,
but
this
is
what
I
was
able
to
find
like
this.
B
Aqua
security
is
another
company
who
talks
about
the
policies
and
security
enforcement
and
so
on,
but
as
tracy
highlighted
like
fintech
or
health
industry,
they
may
have
different
type
of
business
or
industry
specific
policies,
so
this
topic
may
require
some
further.
You
know
analysis
to
see
what
kind
of
policies
different
industries
or
end
users
may
be
after
and
the
other
thing
again,
not
many
companies
talking
about
policy
and
see.
I
see
the
context
now
I
know
tecton
has
conditions
the
deploy
hub.
B
Pro
has
something
similar
name
differently,
so
it
would
be
good
to
collect
those
terms,
so
we
can
find
who
is
doing
what
and
then
have
conversations
with
those
communities
and
projects,
and
another
challenge
I
noticed
is
like
development
and
life
cycle
management
of
policies,
because
policies
are
probably
not
static.
Your
policies,
change
regulations,
change.
You
may
need
to
adapt
your
existing
policy
to
the
new
regulations
or
create
new
policies,
and
the
differences
in
dsl
is
a
problem,
some
communities
or
like
projects.
B
B
B
So
these
are
very
rough
questions
around
the
interoperability
aspects
of
the
policy,
a
few
ideas,
so
policy
is
critical
for
all
types
of
businesses
like
yeah,
you
can
be
startup,
but
it
is
still
important.
You
don't
expose
yourselves
to
risks
if
you
use
some
base
image
with
no
vulnerabilities,
so
it
is
important
for
all
kinds
of
businesses
and
the
governance
and
compliance
is
one
of
topics
highlighted
by
cdfn
user
console
q4
topic.
B
So
if
we
start
working
on
this
topic
or
area,
then
we
could
contribute
to
end
user
console
work
as
well
by
the
time
they
start
talking
about
this
topic
and
make
contributions
to
that
work,
making
end
users
lives,
easier
and
finally,
last
proposal
kind
of
to
start
a
new
work
stream
or
new
document
or
new
rep
or
whatever,
to
collect
extinct,
implementations,
existing
approaches,
starting
with
the
vocabulary
thing
again
continuing
with
the
frameworks
used
by
the
different
projects
and
see
what
are
the
similarities.
What
are
the
gaps
and
push
this
topic
forward?.
B
B
C
B
E
B
So
that
was
all
thanks
for
the
good
conversation
and
sorry
still
for
taking
out
of
time.
I
didn't
expect
this
much
time
to
be
spent
on
this,
but
it
was
good
actually.
B
So
the
next
topic
was
on
standardized
metadata.
We
are
on
to
your
steve.
If
you
want
to
say
a
few
words
about
it,
so.
C
I
was
tasked
with
the
the
git
commit,
cha
and
kind
of
describing
the
definition
around
that.
So
one
of
the
things
I
found
was
that
the
git
commit
is
actually
in
a
transition
process
from
sha-1
to
sha-256.
C
C
I
did
see
that
the
representation
our
40
character
string-
I
could
not
tell
if
they're,
going
to
in
some
way
signify
that
it's
a
256
versus
a
version,
one
of
the
string,
so
that
was
something
I
could
not
tell
as
part
of
that
process.
C
But
basically
the
formats
around
the
shot
are
going
to
be
the
40
character.
Hexadecimal
string,
sometimes
you'll
see
it
prefixed
with
the
sha
colon
or
without
it,
and
then
we
have
the
the
seven
character
version,
which
is
the
short
one.
The
seven
character,
one
is
not
is
not
guaranteed
to
be
unique.
You
can
have
name
clashes
across
two
commits
with
the
short
one.
C
So,
on
the
persistent
side,
we
should
definitely
be
looking
at
storing
the
long
version
just
so
we
can
skip
any
accidental
clashes
and
references
to
the
wrong
commit
the
one
thing
on
the
persistence
I
was
thinking
about,
and
I've
seen
this
done
with
other
tools.
Is
they
actually
break
out
the
algorithm
from
the
from
the
the
string
itself?
C
So
you
can
as
a
persistent
layer,
and
this
may
become
more
general.
Let's
say
we
want,
like
the
md5
of
a
zip
file
that
we
want
to
store.
We
may
want
to,
instead
of
calling
it
like
a
git
commit
on
the
persistent
side
that
we
just
call
it
a
checksum
and
you'd
break
the
checksum
into
two
pieces.
One
is
the
algorithm,
then
the
other
one
followed
by
the
the
string
itself,
which
allows
to
be
a
little
more
flexible.
C
B
Thanks
steve,
so
this
document
yeah,
we
have
a
pull
request
in
the
new
repo,
so
once
that
pull
request
goes
in,
this
version
will
be
there
as
well
steve.
I
will
ping
you
on
slack
when
that
happens,
so
you,
you
will
see
it
in
repo
as
well.
B
This
is
good
because
this
is
connected
to
the
git
repo
as
well.
So
when
we
submit
this,
it
will
end
up
in
the
new
ripple
anyways.
Okay
thanks,
so
I
can
stop
sharing
steve.
Unfortunately,
we
have
16
minutes
for
the
artilleries
presentation
and
you
can
take
the
rest
of
the
meeting
and
put
up
some
more
no.
G
Problem
yep,
real
quick:
this
is
dave
sudia.
I
got
assigned
working
on
the
artifact
metadata
and
I
just
want
to
call
out
real
quick.
I
started
a
new
job
on
january
2nd
and
then
we
ended
up
kind
of
unexpectedly
getting
into
y
combinator,
and
so
I've
just
been
really
really
busy,
but
but
it
is
still
on
my
on
my
list.
G
C
And
I
I
I
may
take
a
look
at
that
and
it
was
around
artifacts.
G
C
All
right
I'll
take
a
look
at
that,
so
let
me
get
started
here,
we'll
go
through
this
pretty
quick,
I'm
just
going
to
give
you
guys
a
high
level,
so
we
are
looking
at
deploy
hub,
which
is
the
downstream
of
ortilius.
I'm
just
going
to
be
focusing
on
the
artillious
aspects
of
what
we
do.
C
C
These
are
going
to
be
the
domains
that
are
going
to
be
used
for
the
microservices
or
api
developers,
I'll
use
the
words
interchangeably
between
a
microservice
and
an
api,
but
they're,
basically,
where
we're
going
to
be
able
to
categorize
a
set
of
services
that
are
going
to
be
reused
or
have
the
capability
of
being
reused.
So
in
this
case
we
have
a
ad
service
domain
and
a
cart
service
and
recommendations,
and
those
are
all
part
of
the
store
services,
so
you
can
have
through
the
domain
hierarchy
you
can
have.
C
C
The
one
single
sign-on
that
was
was
chosen,
you'll
see
where
the
services
come
into
play
here
in
a
little
bit
in
a
different
context,
around
components,
then,
on
the
right
hand,
side
we
have
the
concept
of
products
or
applications
these.
This
is
the
consuming
side
and
in
this
example,
we're
working
with
the
hipster
store,
which
is
a
micro
service
based
storefront,
and
it
can
have
the
different
life
cycle
or
pipeline
stages
as
part
of
that
process.
C
C
Now
this
allows
us
to
package
together
and
provide
us
a
logical
view
of
an
application
in
or
the
artelias
world.
When
we
talk
about
components
or
component
versions,
they
can
be
pretty
much
anything.
The
ad
service
may
be
a
web
ear
file.
The
email
service
may
be
a
docker
container
running
in
kubernetes
the
front
end.
Maybe
some
node.js
running
in
an
ec2
instance
the
size
of
the
component
doesn't
matter
to
us.
C
It
could
be
a
lambda
function
or
a
database
component
that
we
manage,
but
what
we're
doing
is
we're
building
the
relationships,
the
consumers
and
relating
the
consumers
and
producers
together
of
what's
what's
happening
at
the
application
level.
C
So
if
we
take
another
look
at
it
in
the
middle
here,
we
have
our
application
version
and
the
consuming
services
just
another
picture
of
the
way
the
relationships
are
are
built
out
when
we
we
do
have
a
deployment
engine,
it's
not
necessarily
that
we
use
our
deployment
engine.
We
can
fit
into
existing
deployments
like
spinnaker
jenkins
techton
any
of
those.
In
this
case,
our
deployment
engine
did
the
deployment
and
we
deployed
out
to
our
our
our
cluster
here
and
we
ended
up
deploying
everything,
because
we
recognized
that
none
of
this
existed.
C
We
went
and
deployed
everything
out
to
our
our
cluster
here.
So
if
we
go
to
another
version
and
look
at
version,
our
next
version
that
happened,
one
of
the
things
that
changed
between
these
two
versions
was
just
the
cart
service.
All
the
other
services
ended
up
being
the
same,
and
just
we
ended
up
with
the
the
150
version
of
the
cart
service.
C
C
C
The
reason
being
is
we
can
separate
data
from
definition
and
pass
in
data,
depending
on
where
we
are
in
the
pipeline,
whether
we're
deploying
to
development,
qa
or
production.
We
can
separate
the
data
from
definition
and
reuse
the
same
chart
and
apply
it
the
correct
values,
this
other
information
we're
gathering
from
our
plugins
into
the
different
ci
tools.
C
C
So
in
this
case,
we
can
see
that
this
version
is
being
consumed
by
three
different
applications
out
there,
I'm
just
going
to
span
across
not
only
applications
within
my
my
realm
that
I
have
security
to,
but
also
applications
that
are
across
domains
as
part
of
that
process.
C
What
this
allows
us
to
do
what
we
do
at
the
deploy
hub
level
is,
we
actually
can
start
taking
a
look
at,
and
this
is
one
of
the
deploy
hub
features
is
comparing
what's
changed
between
components,
so
we
can
see
that
the
only
thing
that
changed
was
the
basically
we
got
a
new
container
as
per
that
process.
C
But
if
we
look
at
the
application
layer-
and
I
compare
my
base
version
to
my
current
version-
we
can
actually
see
what's
happened
between
that.
So
in
this
case
we
have
our
our
our
base
version
and
our
new
version
that
came
out
of
the
the
whole
pipeline
process
and
the
only
image
only
component
that
was
updated
was
the
the
cart
service
as
part
of
that
process.
C
Some
of
the
other
relation
all
this
other
stuff
is
is
identical
because
we
keep
track
of
these
relationships.
We
could
actually
start
comparing
what's
the
difference
between
two
environments
or
two
clusters,
so
in
this
case
I
can
compare
the
two
clusters
my
test
cluster,
with
my
production
cluster,
and
I
can
see
the
only
differences
are
in
some
key
value
pairs
where
we
have
the
key
vault.
The
context
whether
we're
using
stackdrivers
stuff
like
the
minimum
replica
set,
is
the
same
and
then
thank
god.
C
We
have
all
the
right
right
containers
between
testing
and
production
in
this
case.
So
that's
just
a
a
quick
high
level
of
ortelius,
like
I
said
where
we
fit
into
the
process,
is
where
we're
gonna
be
gathering
the
additional
information
around
what's
being
built
as
part
of
that
process.
We
are
scoping
out.
C
We
just
talked
about
this
previously,
just
before
this
meeting
was
to
start
adding
in
additional
attributes
such
as
the
owner's
email
address,
owner's
phone
number,
the
development
slack
channel,
for
example,
the
the
url
to
the
blog
files
for
the
service
pagegate
links.
Those
are
the
those
types
of
relationships
we're
gonna
be
adding
on
so
from
the
operation
side.
C
C
B
Yeah
thanks
ashley.
So
I
think
that
was
it.
We
have
three
minutes
left.
Anyone
wants
to
bring
up
last
minute
topic
or
any
questions
comments.